An Active Testing Tool for Security Testing of Distributed Systems

Aouadi, Mohamed H. E.; Toumi, Khalifa; Cavalli, Ana

doi:10.1109/ares.2015.97

Cited by 5 publications

(4 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Few studies were classified as Experimental Study, Proof of Concepts and Theoretical, representing, respectively, 9.2% (8), 3.45% (3) and 4.6% (4). From the perspective of MBT activities, the most researched MBT activity of the primary studies [27] Gherkin language [68] predicate/transition nets (Petri nets) [48] GUI model x [51, 69] RTCM [103] IF language [60] Simulink/Stateflow [41,77,84,89] Lyra modelling [25] TA mapping model [96] [30,40,55,90,92,102] model-implementation (MI) description [46] TTCN-3 [28,56] MI mapping) [48] Z notation [34,49] MSC [56] MCMs [35,37] Organization for the Advancement of Structured Information Standards (OASIS)/Open Service Oriented Architecture (OSOA) [21] Palladio component model [65] PBM [27] QML [20,23,104] SBM [74] SIM [74] S# test models [66] specification and abstraction language for testing [100] Spec# [9,23,42] TCM [74] TTSs [54] TestingMM [37] threat MI d...…”

Section: Rq3: In Which Application Domains Is Mbt Applied To?mentioning

confidence: 99%

Systematic mapping study on MBT: tools and models

et al. 2017

View full text Add to dashboard Cite

Every year several contributions to the model-based testing (MBT) field are published. Therefore, to follow the evolution and trends of several tools and models available is difficult. Moreover, since the variety of models and tools that became available in recent years, choosing an approach to support the MBT process is a challenging activity. The main objective of this study is to provide an overview on MBT tools and models used by those tools. Furthermore, the authors' study can help academic researchers and companies to understand the topics involving MBT. Therefore, a systematic mapping study was conducted in which 1197 distinct papers were evaluated. At the end, 87 primary studies were selected to be analysed in a quantitative and qualitative way. As a result, they classified the tools and models that are currently used to support MBT. Moreover, they identified 70 MBT tools, as well as different domains in which MBT is already applied to. Therefore, there are some evidence that MBT continues to be a broad and 'alive' research field since every year a significant number of papers presenting different kinds of contributions are published.

show abstract

Section: Rq3: In Which Application Domains Is Mbt Applied To?mentioning

confidence: 99%

Systematic mapping study on MBT: tools and models

et al. 2017

View full text Add to dashboard Cite

show abstract

“…Las principales estrategias que utilizan las propuestas que juegan el rol de defensoras son:  Principio de monitoreo, detectando si algo pasa fuera de lo común, por lo general estas herramientas se basan en un proceso iterativo [20], [21].  Generación de casos de pruebas y ejecución de en determinados sitios web [16], [33].  Automatización de los procedimientos de prueba utilizando los requisitos de seguridad [21].…”

Section: Resultados Y Discusiónunclassified

Pruebas de seguridad: Estudio de herramientas

Hadfeg

Vega

2017

Lámpsakos

View full text Add to dashboard Cite

Hoy día con el desarrollo y el avance de la tecnología los productos software son parte de nuestra vida cotidiana. Estos productos constituyen un soporte para casi todas nuestras tareas. Estas tareas pueden tener un desempeño fundamental o no, y van desde ejecutar la conducción de un avión a través de un piloto automático hasta posibilitar el funcionamiento de los dispensadores de billetes o cajeros automáticos. Por la criticidad de los procesos en los que ellos se encuentran relacionado, es necesario que se cumplan dos características fundamentales; la primera, que tengan un nivel de calidad aceptado y la segunda, que sean productos seguros.La seguridad en los softwares es un atributo no funcional que influye directamente en la calidad del producto. Realizar pruebas a los requisitos no funcionales para constatar su desempeño, tal y como se hace con los requisitos funcionales es una tarea tediosa. Como alternativa a este problema se han desarrollado herramientas que de forma automática o semiautomática realizan pruebas de diferente índole a los sistemas. El objetivo de este trabajo es identificar las herramientas software existentes para realizar pruebas relacionadas con la seguridad. Para cumplir este objetivo se realiza un estudio del estado del arte de las herramientas para realizar pruebas de seguridad desde el 2010 a la fecha.

show abstract

“…They believe that the Extended Finite State Machine (EFSM) security model can be automatically generated through a formal description and point out that it is possible to generate test cases through model-checking techniques. Aouadi et al [ 76 ] designed an automatic formal testing tool for distributed systems. They improved the tool by developing a user interface and also proposed a method to automatically generate test objects, which saves time and increases efficiency.…”

Section: Automotive Cybersecurity Testing Methodsmentioning

confidence: 99%

Cybersecurity Testing for Automotive Domain: A Survey

Luo

Zhang

Yang

et al. 2022

Sensors

View full text Add to dashboard Cite

Modern vehicles are more complex and interconnected than ever before, which also means that attack surfaces for vehicles have increased significantly. Malicious cyberattacks will not only exploit personal privacy and property, but also affect the functional safety of electrical/electronic (E/E) safety-critical systems by controlling the driving functionality, which is life-threatening. Therefore, it is necessary to conduct cybersecurity testing on vehicles to reveal and address relevant security threats and vulnerabilities. Cybersecurity standards and regulations issued in recent years, such as ISO/SAE 21434 and UNECE WP.29 regulations (R155 and R156), also emphasize the indispensability of cybersecurity verification and validation in the development lifecycle but lack specific technical details. Thus, this paper conducts a systematic and comprehensive review of the research and practice in the field of automotive cybersecurity testing, which can provide reference and advice for automotive security researchers and testers. We classify and discuss the security testing methods and testbeds in automotive engineering. Furthermore, we identify gaps and limitations in existing research and point out future challenges.

show abstract

An Active Testing Tool for Security Testing of Distributed Systems

Cited by 5 publications

References 14 publications

Systematic mapping study on MBT: tools and models

Systematic mapping study on MBT: tools and models

Pruebas de seguridad: Estudio de herramientas

Cybersecurity Testing for Automotive Domain: A Survey

Contact Info

Product

Resources

About